Feature complete Android Malware

This article is an excellent description of "Banker", an Android app designed to use very straightforward and efficient ways to steal all sort of credentials.

It also explains why Google protected several features behind additional permissions in Marshmallow:

- Draw over other apps:
A malware overlays anything it wants on screen, including with a transparent window, invisible but intercepting any touch event: which can let a malware guess everything you touch and type.
Now needs to be activated from the Apps "Configure Apps" settings.

- Apps with usage access:
A malware runs a background service to monitor which application activity is shown in front to the user like every second, and launches an activity or starts an overlay emulating legitimate credential / banking / credit card information request dialog.
Now needs to be activated from the Security settings.

Discussion on Hacker News: https://news.ycombinator.com/item?id=10619675


#supercurioBlog #security
Shared publiclyView activity